Posted to commits@cxf.apache.org by lm...@apache.org on 2010/08/13 00:57:59 UTC
svn commit: r985029 - in /cxf/sandbox/oauth_1.0a:
distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/
rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/
rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ rt/rs...
Author: lmoren
Date: Thu Aug 12 22:57:59 2010
New Revision: 985029
URL: http://svn.apache.org/viewvc?rev=985029&view=rev
Log:
- bug fixes
Modified:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/index.jsp
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/validation/OAuthMessageValidator.java
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/index.jsp
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/index.jsp?rev=985029&r1=985028&r2=985029&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/index.jsp (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/index.jsp Thu Aug 12 22:57:59 2010
@@ -16,9 +16,12 @@ KIND, either express or implied. See the
specific language governing permissions and limitations
under the License.
-->
+<%--@elvariable id="text" type="java.lang.String"--%>
+<%--@elvariable id="oauthauthorizationdata" type="org.apache.cxf.auth.oauth.provider.OAuthAuthorizationData"--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@ page isELIgnored="false" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
<html>
<head><title>OAuth 1.0a CXF server</title></head>
<body>
@@ -50,11 +53,22 @@ under the License.
</tr>
<tr align="center">
<td>
- <form name="authZForm" action="authorize" method="POST">
- <input type="text" name="userId" value="" size="20"/><br>
- <input type="hidden" name="oauth_token" value="<%= token %>"/>
- <input type="hidden" name="oauth_callback" value="<%= callback %>"/>
- <input type="submit" name="Authorize" value="Authorize"/>
+ <form name="f" action="/j_spring_security_check" method="POST">
+ <c:if test="${not empty param.login_error}">
+ <font color="red">
+ Your login attempt was not successful, try again.<br/><br/>
+ Reason: <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}"/>.
+ </font>
+ </c:if>
+ <label for="login">User</label>
+ <input type="text" id="login" name='j_username'
+ value='<c:if test="${not empty param.login_error}"><c:out value="${SPRING_SECURITY_LAST_USERNAME}"/></c:if>'/>
+
+ <div class="clear"></div>
+ <label for="password">Password</label>
+ <input type="password" id="password" name="j_password"/>
+ <br>
+ <input type="submit" class="button" name="commit" value="Log in"/>
</form>
</td>
</tr>
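Review bot: The failure branch prints `${SPRING_SECURITY_LAST_EXCEPTION.message}` to an unauthenticated visitor; `c:out` escapes it, but the text comes from whichever authentication provider is configured and may tell a bad password apart from an unknown account, so a fixed message such as `Invalid user name or password.` is the safer default. Separately, `action="/j_spring_security_check"` is root-absolute where the removed form used the relative `authorize`, so the POST leaves the application whenever the sample is deployed under a context path; `action="<c:url value='/j_spring_security_check'/>"` keeps it inside. The new form also drops the `oauth_token` and `oauth_callback` hidden fields, so it is worth confirming that the pending authorization request is restored after login by some means not visible in this hunk.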
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java?rev=985029&r1=985028&r2=985029&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java Thu Aug 12 22:57:59 2010
@@ -144,7 +144,7 @@ public abstract class AbstractOAuthReque
}
RequestToken token = dataProvider
- .getRequestToken(oAuthMessage.getToken(), oAuthMessage.getConsumerKey(), null);
+ .getRequestToken(oAuthMessage.getToken(), null);
if (token == null) {
return secData;
}
@@ -157,7 +157,7 @@ public abstract class AbstractOAuthReque
return addAdditionalParams(secData, token, principal);
}
- token = dataProvider.getRequestToken(oAuthMessage.getToken(), oAuthMessage.getConsumerKey(), null);
+ token = dataProvider.getRequestToken(oAuthMessage.getToken(), null);
if (token == null) {
return secData;
}
@@ -170,7 +170,7 @@ public abstract class AbstractOAuthReque
}
token = dataProvider
- .generateVerifier(oAuthMessage.getToken(), oAuthMessage.getConsumerKey(), principal);
+ .generateVerifier(oAuthMessage.getToken(), principal);
if (token == null) {
return secData;
}
@@ -217,8 +217,7 @@ public abstract class AbstractOAuthReque
OAuth.OAUTH_VERIFIER);
RequestToken token = dataProvider
- .getRequestToken(oAuthMessage.getToken(), oAuthMessage.getConsumerKey(),
- oAuthMessage.getParameter(OAuth.OAUTH_VERIFIER));
+ .getRequestToken(oAuthMessage.getToken(), oAuthMessage.getParameter(OAuth.OAUTH_VERIFIER));
Client authInfo = token.getClient();
OAuthConsumer consumer = new OAuthConsumer(authInfo.getCallbackURL(), authInfo.getConsumerKey(),
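Review bot: After this change nothing visible in this token-exchange path compares the `oauth_consumer_key` sent in the request with the client that owns the request token: the lookup uses the token string and verifier only, and `OAuthConsumer` is built from `token.getClient()`. The matching check is also removed from `MemoryOauthDataProvider.getRequestToken` in the `@@ -95,18 +95,14 @@` hunk, so unless signature validation outside this hunk already fails for a foreign key, a mismatched consumer key goes unnoticed. Since the consumer key is available at this step, I would keep the binding here, e.g. `if (!authInfo.getConsumerKey().equals(oAuthMessage.getConsumerKey())) { throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_REFUSED); }` right after `token.getClient()`. This call site also dereferences `token` without the `token == null` guard that the other three call sites in this file use; the method body starts and ends outside the hunk.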
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java?rev=985029&r1=985028&r2=985029&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java Thu Aug 12 22:57:59 2010
@@ -77,7 +77,7 @@ public class MemoryOauthDataProvider imp
return reqToken;
}
- public RequestToken getRequestToken(String tokenString, String consumerKey, String oauthVerifier)
+ public RequestToken getRequestToken(String tokenString, String oauthVerifier)
throws OAuthProblemException {
Token token = oauthTokens.get(tokenString);
@@ -87,7 +87,7 @@ public class MemoryOauthDataProvider imp
RequestToken requestToken = (RequestToken)token;
String expectedVerifier = requestToken.getOauthVerifier();
- if (!expectedVerifier.equals(oauthVerifier)) {
+ if (oauthVerifier != null && !expectedVerifier.equals(oauthVerifier)) {
throw new OAuthProblemException(OAuthMessageValidator.VERIFIER_INVALID);
}
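Review bot: `null` now doubles as "do not check the verifier", so the check is skipped both for internal callers that pass `null` on purpose and for any caller that forwards an absent `oauth_verifier` request parameter, as `AbstractOAuthRequestHandler` does with `oAuthMessage.getParameter(OAuth.OAUTH_VERIFIER)`. That call appears to follow a required-parameters check, but the provider itself no longer fails closed; a separate lookup method or an explicit boolean would keep the verifying path strict, and the contract belongs in Javadoc on `OAuthDataProvider.getRequestToken`. The comparison also still dereferences `expectedVerifier`, which is presumably unset until `generateVerifier` runs, so a verifier presented for a not-yet-authorized token would raise `NullPointerException` instead of `VERIFIER_INVALID`; `if (oauthVerifier != null && !oauthVerifier.equals(expectedVerifier)) {` avoids that. The method body starts and ends outside this hunk.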
@@ -95,18 +95,14 @@ public class MemoryOauthDataProvider imp
if (c == null) {
throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_UNKNOWN);
}
- String key = c.getConsumerKey();
- if (StringUtils.isEmpty(key) || !key.equals(consumerKey)) {
- throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_REFUSED);
- }
validator.validateToken(requestToken);
return requestToken;
}
- public RequestToken generateVerifier(String token, String consumerKey, Principal principal)
+ public RequestToken generateVerifier(String token, Principal principal)
throws OAuthException {
- RequestToken requestToken = getRequestToken(token, consumerKey, null);
+ RequestToken requestToken = getRequestToken(token, null);
if (requestToken != null) {
requestToken.setOauthVerifier(generateToken());
requestToken.setPrincipal(principal);
@@ -127,7 +123,7 @@ public class MemoryOauthDataProvider imp
throws OAuthException {
Client client = requestToken.getClient();
- requestToken = getRequestToken(requestToken.getTokenString(), client.getConsumerKey(), null);
+ requestToken = getRequestToken(requestToken.getTokenString(), null);
String accessTokenString = generateToken();
String tokenSecretString = generateToken();
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java?rev=985029&r1=985028&r2=985029&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java Thu Aug 12 22:57:59 2010
@@ -43,7 +43,7 @@ public interface OAuthDataProvider {
AccessToken getAccessToken(String accessToken, String consumerKey) throws OAuthProblemException;
- RequestToken getRequestToken(String tokenString, String consumerKey, String oauthVerifier)
+ RequestToken getRequestToken(String tokenString, String oauthVerifier)
throws OAuthProblemException;
Client registerNewClient(Principal user, String consumerKey, Client client);
@@ -56,7 +56,7 @@ public interface OAuthDataProvider {
void removeTokenCredentials(Principal user, String consumerKey);
- RequestToken generateVerifier(String token, String consumerKey, Principal principal)
+ RequestToken generateVerifier(String token, Principal principal)
throws OAuthException;
OAuthValidator getValidator();
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/validation/OAuthMessageValidator.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/validation/OAuthMessageValidator.java?rev=985029&r1=985028&r2=985029&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/validation/OAuthMessageValidator.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/validation/OAuthMessageValidator.java Thu Aug 12 22:57:59 2010
@@ -51,7 +51,7 @@ public class OAuthMessageValidator exten
} else {
Long issuedAt = token.getIssuedAt();
Long lifetime = token.getLifetime();
- if (lifetime != null
+ if (lifetime != -1
&& (issuedAt + lifetime < (System.currentTimeMillis() / 1000))) {
throw new OAuthProblemException(OAuth.Problems.TOKEN_EXPIRED);
}
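Review bot: `lifetime` is a boxed `Long`, so `lifetime != -1` unboxes it and throws `NullPointerException` for a token whose lifetime was never set, a case the removed `lifetime != null` test handled. Keeping both conditions, `if (lifetime != null && lifetime != -1`, preserves the null guard while adding the sentinel; `issuedAt` is unboxed on the next line and deserves the same care. A short comment stating that `-1` disables the expiry check would help, since a non-expiring token should be a deliberate choice rather than an undocumented magic value. The enclosing method starts and ends outside the hunk.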